Data Privacy Policy

1.) Name and contact details of the Data Controller and the company Data Protection Officer

This data protection information applies to data processing by:

HEGLA GmbH & Co. KG (hereinafter: Controller)

Service address:
Industriestraße 21, 37688 Beverungen, Germany
Email: info(at)
Telephone: 05273/905-0
Fax: 05273/905-255

The person responsible for data protection at the Controller can be reached via the above address, FAO Ludger Freitag or via ludger.freitag(at)

2.) Collection and storage of personal data as well as type and purpose of their use

a.)    When visiting the website
When loading our website , the browser used on your device automatically sends information to our website’s server. This information is stored temporarily in a log file. We collect the following information without any effort on your part, which will be saved before it is automatically deleted:

  • Browser type and version

  • Operating system used

  • The website that you visited us from (referrer URL)

  • Website that you visit

  • Date and time of your access

  • Your internet protocol (IP) address

  • Internet service provider

We use the specified data for the following purposes:

  • To ensure that a seamless connection is established to the website,

  • To ensure that our website can be used easily,

  • To evaluate system security and stability, and

  • For other administrative purposes.

The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest results from the data collection purposes listed above. Under no circumstances will we use the collected data to draw conclusions about your identity.
Furthermore, we use cookies as well as analytic services when you visit our website. You can find more detailed explanations on this in Sections 4 and 5 of this Data Privacy Policy.

b.)    When registering with the website
You have the option to register with our website by entering personal data. Which type of personal data is sent to us depends on the input screen used for registration. The personal data entered is intended exclusively for internal use and is collected and stored for our own purposes. We can arrange forwarding to one or more contract processors, for example a parcel servicer provider, which will also utilise the personal data exclusively for internal use, which is assigned to the data controller.
By registering, the IP address assigned to you by your internet service provider (ISP), the date and time of registration are also stored. This data is stored solely to make it possible for us to prevent the misuse of our services, and, where necessary, to provide this data to resolve perpetrated crimes. The storage of this data is therefore required to protect the data controller. This data is generally not transferred to third parties, provided there is no legal obligation to transfer it, or if it is used for legal prosecution.
Registration, with the voluntary provision of personal data, allows us to offer you content or services, the nature of which means they can only be offered to registered users. As a registered user, you are free to amend the personal data provided during registration at any time or to delete it from our data records entirely.

c.)    When subscribing to our newsletter
Subject to your explicit agreement in accordance with Art 6 para. 1 sentence 1 lit. a GDPR, we will use your email address to send you our regular newsletter. All you need to do to receive the newsletter is to provide an email address.
Optionally providing a salutation, as well as your first name and surname, is only used to address you personally in the newsletter.
You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can send your request to unsubscribe via email to marketing(at) at any time.

d.)    When using our contact form
If you have questions of any kind, we will offer you the option to contact us via the form provided on the website. In this case, it is necessary to enter a valid email address so that we know where the query comes from and in order to be able to answer these. Further information can be provided voluntarily.
Data processing for the purpose of contacting us occurs in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntary consent.
The personal data collected we collect for use of the contact form is deleted automatically once your query has been processed.

3.) Transfer of data

Personal data will not be transferred to third parties for any purposes other than those listed below.
We only transfer your personal data to third parties if:

  • You have granted your express consent in accordance with Art. 6 para 1 sentence 1 lit. a GDPR,

  • The transfer of data is necessary in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have any overriding, legitimate interest in not transferring your data,

  • In the event that there is a legal obligation to transfer information in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, and

  • it is legally permitted and required in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for the execution of contractual relationships with you.

4.) Cookies

We use cookies on our site. These are small files that your browser creates automatically and which are stored on your device (laptop, tablet, smartphone etc.) when you visit our site. Cookies do not damage your device or contain any viruses, Trojans or other malware.
The cookie stores information related to the specific device used. This does not mean, however, that we will become directly aware of your identity as a result.
We use cookies to make using our website more convenient for you. We use session cookies to detect that you have already visited certain pages of our website. These are deleted automatically once you leave our website.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your device for a specified period of time. When you visit our site again to use our services, the site automatically detects that you have already visited us before and which entries and settings you have made so you do not have to set these again.
In addition, we use cookies to collect statistics about the use of our website and in order to optimise our website for you (see Section 5). These cookies allow us to detect automatically that you have already visited us when you return to our site. These cookies are deleted automatically after a specified period of time.
The data processed by cookies is required for the purposes specified to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
Most browsers automatically accept cookies. You can however configure your browser not to store cookies on your computer or to always display a message before a new cookie is created. Fully deactivating cookies may render some functions of our website unusable, however.

This cookie policy has been created and updated by the Cookie Consent Tool.

5.) Analysis and tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure that our website is designed and continuously optimised to meet your needs. In addition, we use tracking measures to collect statistics about the use of our website and in order to evaluate the optimisation of our website for you. These interests must be viewed as legitimate in accordance with the aforementioned provision.
The specific data processing purposes and data categories can be found in the relevant tracking tools.

a.)    Google Analytics
We use Google Analytics, a web analytics service by Google Inc., to enable the customer-oriented design and continuous improvement of our website. ( (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). Pseudonymised user profiles are created in this respect and cookies (see under Section 4) are used. The information about your use of this website generated by the cookie, such as

  • Browser type/version,

  • Operating system used,

  • Referrer URL (the previously visited website),

  • Host name of the accessing computer (IP address),

  • Time of server inquiry,

is transmitted to a Google server in the USA and stored there. This information is used to evaluate the use of the website, to prepare website activity reports and to provide additional services related to use of the website and the internet for market research purposes and the customer-oriented design of these websites. This information may also be transferred to third parties, as the case may be, if required by law or to the extent that third parties are contracted to process this data. Under no circumstances will your IP address be associated with any other data held by Google. The IP addresses are anonymised in order to prevent any association (IP masking).
You can prevent the installation of cookies by configuring your browser software accordingly. However, this may fully or partially disable certain functions of this website.
You can also prevent the collection of data related to your website use generated by the cookie (incl. your IP address) and the processing of this data by Google by downloading and installing a browser add-on. (
Alternatively to the browser add-on, especially for browsers on mobile devices, you can also prevent data collection by Google Analytics by clicking on this link. An opt-out cookie will be set to prevent your data from being saved when you visit this website in the future. The opt-out cookie applies only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you’ll have to place the opt-out cookie again.
You can find further information about data protection in connection with Google Analytics in Google Analytics help (

b.)    Google Adwords Conversion Tracking
To collect statistics about the use of our website and in order to evaluate how we can optimise our website for you, we also use Google Conversion Tracking. If you reach our website via a Google advert, a cookie (see Section 4) will be placed on your computer by Google Adwords.
These cookies become invalid after 30 days and are not used for personal identification. If the user visits certain pages of the website of the Adwords customer and the cookie has not yet expired, Google and the customer can detect that the user has clicked on the advert and was forwarded to this website.
Each Adwords customer receives a different cookie. Cookies can therefore not be traced via the websites of Adwords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers learn the total number of users who have clicked on their advert and were forwarded to a page containing a conversion tracking tag. However, you do not receive any information which permits the personal identification of the users.
If you would not like to participate in the tracking procedure, you can also reject the placement of cookies required for this purpose, such as by adjusting the browser settings so that the automatic placement of cookies is deactivated in general. You can also deactivate cookies for conversion tracking by setting up your browser so that cookies are blocked by the domain “”. You can find Google’s data privacy information about conversion tracking here (

6.) Social media plugins

On the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, we use social plugins on our website from the social networks Facebook, Xing, Twitter and Instagram to give our company more exposure. The commercial purpose underlying this is viewed as a legitimate interest under GDPR. The respective providers are responsible for the data protection law-conforming operation of the plugins. We incorporate these plugins using the ‘two-click method’ to protect visitors to our website as well as possible.

a.)    Facebook
Our website uses Facebook social media plugins to personalise its use. To achieve this, we use the “LIKE” and “SHARE” buttons. This is a service offered by Facebook.
If you access a page of our website that includes such a plugin, your browser will establish a direct connection to the Facebook servers. Facebook delivers the content of the plugin directly to your browser and your browser embeds the content in the website.
Embedding the plugins enables Facebook to receive the information that your browser has opened the corresponding page of our website, even if you do not have a Facebook account or are currently not logged in to Facebook. Your browser transmits this information (including your IP address) directly to a Facebook server in the USA, where it is stored.
When you are logged in to Facebook, Facebook can assign the visit of our website directly to your Facebook account. If you interact with the plugins, e.g. if you click the "LIKE" or "SHARE" buttons, the corresponding information is likewise transmitted to a Facebook server and stored. In addition, this information is published on Facebook and disclosed to your Facebook friends.
Facebook may use this information for marketing and market research purposes, as well as for the customer-oriented design of Facebook pages. Facebook for this purpose creates usage, interest and relationship profiles, e.g. to analyse the use of our websites with regard to adverts displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide additional services related to the use of Facebook.
If you do not want Facebook to assign data collected through our website to your Facebook account, you must log out of Facebook before visiting our website.
For more information about the purpose and scope of the data collection and further data processing by Facebook and your respective rights and configuration options to protect your privacy, please see the Facebook privacy policy ( .

b.)    Xing
Xing plugins are also used on our website. The social network “Xing” is operated by Xing AG, Dammtorstraße 30, 20354 Hamburg, Germany; On the website, this plugin is indicated by the Xing logo. When you open a page of our website that includes such a plugin, a direct connection will be established between your browser and the Xing server. This way, Xing is notified about your IP address visiting our page. If you have a user account with this provider and are logged in, the data accessed will be associated with this account. Should you not wish such association to take place, you must log out of Xing before visiting the website.
You can find further details in Xing’s privacy policy.

c.)    Twitter
Plugins provided by the short text message network of Twitter Inc. (Twitter) are integrated into our website. The Twitter plugins (tweet button) are recognisable by the Twitter logo on our page. You can find an overview of the tweet buttons here (
When you open a page of our website that includes such a plugin, the latter will establish a direct connection between your browser and the Twitter server. This way, Twitter is notified about your IP address visiting our page. If you click the Twitter tweet button while you are logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This enables Twitter to allocate the visit on our pages to your user account. Please note that we as the website provider have no information about the contents of the transmitted data or their use by Twitter.
If you do not want Twitter to be able to assign the visit of our website to your profile, please log out from your Twitter user account.
For more information on this topic, please see the Twitter privacy policy (

d.)    Instagram
Our website also uses social plugins (“plugins”) from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
The plugins are indicated with an Instagram logo, for example in the form of an “Instagram camera”.
If you access a page of our website that includes such a plugin, your browser will establish a direct connection to the Instagram servers. Instagram sends the content of the plugin directly to your browser and embeds it in the page. Embedding the plugins enables Instagram to receive the information that your browser has opened the corresponding page of our website, even if you do not have an Instagram account or are currently not logged in to Instagram.
This information (including your IP address) is sent by your browser directly to an Instagram server in the USA, where it is stored. When you are logged in to Instagram, Instagram can assign the visit of our website directly to your Instagram account. If you interact with the plugins, e.g. if you click the “Instagram” button, the corresponding information is likewise transmitted to an Instagram server and stored there.
The information is also published on your Instagram account, where it is visible to your contacts.
If you do not want Instagram to assign data collected through our website directly to your Instagram account, you must log out of Instagram before visiting our website.
For more information on this topic, please see the Instagram privacy policy ( .

7.) More plugins

a.)    Google Maps
We use Google Maps on our website to display our location. Google Maps is operated by Google Inc. When loading our contact page, into which “Google Maps” is integrated, a cookie is placed on your device by Google to process user settings and data when displaying the site and the related functions on the page featuring Google Maps. This cookie is usually not deleted by closing the browser, but instead expires after a certain period (up to 24 months) if you do not delete it before. If you do not consent to this processing, you can deactivate the Google Maps service and prevent the transfer of data by deactivating the JavaScript function in your browser.
You can find more information about the cookies used by Google here and in Google’s data privacy policy.

8.) Data subject rights

You have the right:

  • to request information about your processed personal data in accordance with Article 15 GDPR. In addition, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the existence of a right to correction, erasure, restriction of processing or objection, the existence of a right to complain, the origin of the data, if the data has not been collected by us, as well as the existence of automated decision-making, including profiling and potentially meaningful information about details thereof;

  • to request the correction of inaccurate or the amendment of incomplete personal data that we have stored in accordance with Art. 16 GDPR;

  • to request the erasure of your personal data we have stored, provided that the processing is not required to exercise the right to freedom of expression and information, the fulfilment of a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims in accordance with Art. 17 GDPR;

  • to request the restriction of processing of your personal data in accordance with Art. 18 GDPR, insofar as you contest the accuracy of the data, processing is unlawful, but you reject its erasure, and we no longer require the data, but you require it to assert, exercise or defend against legal claims or you have filed a complaint against processing in accordance with Art. 21 GDPR;

  • to receive the personal data you have provided to us in a structured, standard and machine-readable format or to request the transfer of this data to another controller in accordance with Article 20 GDPR;

  • to withdraw any previously granted consent in accordance with Art. 7 para. 3 GDPR. As a consequence, we may no longer continue with the data processing that is based on this consent in the future, and

  • to file a complaint with a supervisory authority in accordance with Art. 77 GDPR. In general, you can contact the supervisory authority at your place of residence or work or our company headquarters in Beverungen.

9.) Right to object

Insofar as your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right, in accordance with Art. 21 GDPR, to object against the processing of your personal data, provided you have reasons that result from your particular situation or you object against direct advertising. In the latter case, you have a general right to object, which is implemented without information from us that there is a special situation.
If you would like to assert your right to object, send an email to info(at)

10.) Data security

On this website, we use the common SSL protocol (Secure Socket Layer) in conjunction with the highest level of encryption that is supported by your browser. In general, this is 256 bit encryption. If your browser does not support 256 bit encryption, we will use 128 bit v3 technology instead. You can tell whether an individual page on our website is encrypted by looking for the closed padlock or key symbol in your browser’s lower status bar.
We otherwise use suitable technical and organisational security measures to protect your data against random or intentional tampering, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are subject to continuous improvements in line with technological developments.

11.) Updates and amendments to this Data Privacy Policy

This Data Privacy Policy is currently applicable and dated May 2018.
Due to the continuing evolvement of our website and offerings, or as a result of amended statutory or official provisions, it may be necessary to amend this Data Privacy Policy. You can call up and print out the most up-to-date Data Privacy Policy on our website at at any time.

12.) MailChimp Privacy Policy

Like many other websites we use the services of the newsletter company MailChimp on our website. The operator of MailChimp is The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. Thanks to MailChimp we can send you interesting news very easily via newsletter. With MailChimp we do not have to install anything and can still draw from a pool of really useful functions. In the following we will go into more detail about this e-mail marketing service and inform you about the most important data protection aspects.

What is MailChimp?

MailChimp is a cloud-based newsletter management service. "Cloudbased" means that we do not have to install MailChimp on our own computer or server. Instead, we use the service via an IT infrastructure - which is available via the internet - on an external server. This way of using a software is also called SaaS (Software as a Service).

With MailChimp we can choose from a wide range of different e-mail types. Depending on what we want to achieve with our newsletter, we can run single campaigns, regular campaigns, autoresponders (automatic email), A/B tests, RSS campaigns (sending in predefined time and frequency) and follow-up campaigns.

Why do we use MailChimp on our website?

Basically we use a newsletter service to keep in touch with you. We want to tell you what's new with us or what attractive offers we currently have in our programme. For our marketing activities we always look for the simplest and best solutions. And that is why we have chosen the newsletter management service of Mailchimp. Although the software is very easy to use, it offers a large number of helpful features. So we can create interesting and beautiful newsletters in a very short time. With the offered design templates we can create each newsletter individually and thanks to the "Responsive Design" our content will be displayed legibly and beautifully on your smartphone (or any other mobile device).

Through tools such as the A/B test or the extensive analysis options, we can see very quickly how our newsletters are received by you. This enables us to react if necessary and improve our offer or services.

Another advantage is the "cloud system" of Mailchimp. The data is not stored and processed directly on our server. We can retrieve the data from external servers and thus save our storage space. In addition, the maintenance effort is significantly lower.

Which data is stored by MailChimp?

The Rocket Science Group LLC (MailChimp) maintains online platforms that enable us to contact you (if you have subscribed to our newsletter). If you become a subscriber of our newsletter via our website, you confirm your membership in an e-mail list of MailChimp by e-mail. So that MailChimp can also prove that you have registered with the "list provider", the date of registration and your IP address will be saved. Furthermore MailChimp stores your e-mail address, your name, the physical address and demographic information, like language or location.

This information is used to send you emails and to enable certain other MailChimp features (such as newsletter analysis).

MailChimp also shares information with third parties to provide better service. MailChimp also shares some information with third party advertising partners to better understand the interests and concerns of our customers and to provide more relevant content and targeted advertising.

Through so-called "web beacons" (which are small graphics in HTML emails), MailChimp can determine whether the email has arrived, whether it has been opened and whether links have been clicked on. All this information is stored on the MailChimp servers. Thus we receive statistical evaluations and see exactly how well our newsletter was received by you. In this way we can adapt our offer much better to your wishes and improve our service.

MailChimp may also use this information to improve our own service. This way, for example, the dispatch can be technically optimised or the location (country) of the recipients can be determined.

The following cookies can be set by Mailchimp. This is not a complete cookie list, but rather an exemplary selection:

Value: Prod
Purpose: This cookie is necessary to provide the Mailchimp services. It is always set when a user registers for a newsletter mailing list.
Expiry date: after session end

Name: ak_bmsc
Wert: F1766FA98C9BB9DE4A39F70A9E5EEAB55F6517348A7000001311229285-3
Purpose: The cookie is used to distinguish a human from a bot. This enables secure reports to be generated about the use of a website.
Expiry date: after 2 hours

Name: bm_sv
Wert: A5A322305B4401C2451FC22FFF547486~FEsKGvX8eovCwTeFTzb8//I3ak2Au…
Purpose: The cookie is from MasterPass Digital Wallet (a MasterCard service) and is used to offer a visitor a virtual payment transaction securely and easily. For this purpose, the user is anonymously identified on the website.
Expiry date: after 2 hours

Name: _abck
Wert: 8D545C8CCA4C3A50579014C449B045311229285-9
Purpose: We could not find out any further information about the purpose of this cookie
Expiry date: after one year

Sometimes it can happen that you open our newsletter for a better presentation via a given link. This is the case, for example, if your e-mail programme does not work or the newsletter is not displayed correctly. The newsletter is then displayed on a MailChimp website. MailChimp also uses cookies (small text files that store data on your browser) on its own websites. Personal data may be processed by MailChimp and its partners (e.g. Google Analytics). This data collection is the responsibility of MailChimp and we have no influence on it. In the "Cookie Statement" of MailChimp (under: you can find out exactly how and why the company uses cookies.

How long and where is the data stored?

Since MailChimp is an American company, all collected data is also stored on American servers.

In principle, the data remains permanently stored on the servers of Mailchimp and is only deleted when you request it. You can have your contact deleted by us. This permanently removes all your personal data for us and makes you anonymous in the Mailchimp reports. However, you can also request the deletion of your data directly from Mailchimp. Then all your data will be removed there and we get a notification from MailChimp. After we receive the email, we have 30 days to delete your contact from all connected integrations.

How can I delete my data or prevent the data storage?

You can withdraw your consent to receive our newsletter at any time within the received e-mail by clicking on the link in the lower area. If you have unsubscribed by clicking on the unsubscribe link, your data will be deleted by MailChimp.

If you reach a MailChimp website via a link in our newsletter and cookies are set in your browser, you can delete or deactivate these cookies at any time.

Depending on your browser, the deactivation or deletion works slightly differently. The following instructions show how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not wish to receive cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you wish to allow it or not.

MailChimp is an active participant in the EU-U.S. Privacy Shield Framework which regulates the correct and secure transfer of personal data. You can find more information about this on You can learn more about the use of cookies with MailChimp on, information about data protection with MailChimp (privacy) can be found on

MailChimp order data processing contract
We have concluded a contract with MailChimp for data processing addendum. This contract serves to protect your personal data and ensures that MailChimp complies with the applicable data protection regulations and does not pass on your personal data to third parties.

You can find more information about this contract on

Quelle: Erstellt mit dem Datenschutz-Generator der AdSimple® Online-Marketing-Agentur